Roberto Polli

A proper way to implement this requires writing a custom function that: 1. if relative URL in securitySchemes 2. then checks `server.url` Currently spectral yaml ruleset do not support accessing...

Hi @codedust and @Jonasgroeger and thanks for filing this issue! When the OAuth token URL is relative, is it supposed to be based on the `servers` url? Could you please...

@JonasGroeger in `servers` you can mark an url as an `x-sandbox` to skip the check, eg. ``` servers: - url: /foo x-sandbox: true ```

@JonasGroeger the goal of oas-checker rules is to provide *additional checks* respect to the ones included in openapi. In this respect, people using the security ruleset wants to be sure...

Another - simpler - idea could be to selectively disable the rule. Do you use the online validator or the spectral CLI? The online validator could support a way to...

We now have a javascript security rule. Can this be tweaked/duplicated to accommodate this use case? @JonasGroeger @codedust https://github.com/italia/api-oas-checker/blob/master/security/functions/checkSecurity.js

Thanks @philsturgeon ! That's very cool, we need to plan the switch to 6.x first. Can we override single keys like we do with merge keys, or we can just...

Needs #347

New repos already use `main` :) for the old ones I need to find enough time to support the breakup of external pipelines relying on URLs (eg. githubusercontent....) If it...

`Content-Encoding` is not just compression, and specifies a *list* of supported `content-coding`s. It is not an easy header field to manage, because the follow response contents are all different and...